// 引入验证jsonwebtoken模块
const jwt = require('jsonwebtoken')
var { expressjwt: expressJWT } = require('express-jwt')
// 引入自定义的jwt密钥
const { PRIVATE_KEY, exprired } = require('./constant')
//生成token

function createToken(payload) {
  //expiresIn时效参数必须写
  const token = jwt.sign({ payload }, PRIVATE_KEY, { expiresIn: exprired })
  return token
}
// 验证 token
const jwtAuth = expressJWT({
  secret: PRIVATE_KEY,
  algorithms: ['HS256'],
  credentialsRequired: true, //  false：不校验
}).unless({
  path: ['/login', '/user/commonuser'], //不需要校验的路径
})

module.exports = {
  jwtAuth,
  createToken,
}
